You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@mina.apache.org by Niklas Gustavsson <ni...@protocol7.com> on 2010/03/11 08:58:11 UTC
Re: [vysper] java.security.KeyStoreException running XMPPServer with
Apache Harmony
On Thu, Mar 11, 2010 at 8:06 AM, Jean-Sebastien Delfino
<js...@apache.org> wrote:
> Looks like Vysper hardcodes the Keystore type to JKS [2], which is not
> supported by Harmony [3][4]. Would there be a way to make this configurable
> (with a set method on XMPPServer?) and support another Keystore type like
> Bouncy Castle BKS?
Perhaps we should make this configurable on AbstractTLSContextFactory
and allow for injecting a TLSContextFactory into XMPPServer? Anyways,
could you open a JIRA issue for this problem and we'll have a look.
It would be very interesting to later on hear more about your results
of running Vysper on Harmony. I have previously struggled with getting
FtpServer running on Harmony due to bugs in the NIO implementation in
Harmony:
https://issues.apache.org/jira/browse/HARMONY-6097
https://issues.apache.org/jira/browse/HARMONY-6105
I haven't retried Harmony for a long time so things might have improved.
/niklas
Re: [vysper] java.security.KeyStoreException running XMPPServer with
Apache Harmony
Posted by Bernd Fondermann <be...@googlemail.com>.
On Thu, Mar 11, 2010 at 10:39, Niklas Gustavsson <ni...@protocol7.com> wrote:
> On Thu, Mar 11, 2010 at 9:56 AM, Niklas Gustavsson <ni...@protocol7.com> wrote:
>> Yes, we got Harmony set up as a JVM in Hudson. Tim Ellison, one of the
>> Harmony committers is also a Hudson admin. I'll have a go at setting
>> up a build.
>
> Done: http://hudson.zones.apache.org/hudson/job/vysper-trunk-harmony1.5-ubuntu/1/
>
> Currently fails miserably on compiling the APT stuff, I have no idea
> if Harmony have any support for it?
nope, see https://issues.apache.org/jira/browse/HARMONY-6450
Bernd
Re: [vysper] java.security.KeyStoreException running XMPPServer with
Apache Harmony
Posted by Niklas Gustavsson <ni...@protocol7.com>.
On Thu, Mar 11, 2010 at 9:56 AM, Niklas Gustavsson <ni...@protocol7.com> wrote:
> Yes, we got Harmony set up as a JVM in Hudson. Tim Ellison, one of the
> Harmony committers is also a Hudson admin. I'll have a go at setting
> up a build.
Done: http://hudson.zones.apache.org/hudson/job/vysper-trunk-harmony1.5-ubuntu/1/
Currently fails miserably on compiling the APT stuff, I have no idea
if Harmony have any support for it?
/niklas
Re: [vysper] java.security.KeyStoreException running XMPPServer with
Apache Harmony
Posted by Niklas Gustavsson <ni...@protocol7.com>.
On Thu, Mar 11, 2010 at 9:38 AM, Bernd Fondermann
<be...@googlemail.com> wrote:
> Is there a change to get a Vysper/Harmony build on Hudson?
Yes, we got Harmony set up as a JVM in Hudson. Tim Ellison, one of the
Harmony committers is also a Hudson admin. I'll have a go at setting
up a build.
/niklas
Re: [vysper] java.security.KeyStoreException running XMPPServer with
Apache Harmony
Posted by Niklas Gustavsson <ni...@protocol7.com>.
On Sat, Mar 13, 2010 at 6:51 PM, Jean-Sebastien Delfino
<js...@apache.org> wrote:
> I'm able to build the server and core modules
I've now configured our Harmony build on Hudson to only build server/*
modules. As you note, it seems to be working:
http://hudson.zones.apache.org/hudson/job/vysper-trunk-harmony1.5-ubuntu/4/
In this case, it will pull in the nbxml and speccompliance modules
from the vysper-trunk-jdk1.5-ibm-ubuntu build.
/niklas
Re: [vysper] java.security.KeyStoreException running XMPPServer with
Apache Harmony
Posted by Bernd Fondermann <be...@googlemail.com>.
On Tue, Mar 16, 2010 at 10:12, Niklas Gustavsson <ni...@protocol7.com> wrote:
> On Tue, Mar 16, 2010 at 10:00 AM, Bernd Fondermann
> <be...@googlemail.com> wrote:
>> Yes.
>>
>> org.apache.vysper.xmpp.server.ServerFeatures.setStartTLSRequired(false);
>>
>> - or -
>>
>> <bean id="serverFeatures" class="org.apache.vysper.xmpp.server.ServerFeatures">
>> ...
>> <property name="startTLSRequired" value="false"/>
>> </bean>
>>
>> Hope that works, long not tried...
>
> Sounds like this needs a test :-)
exactly! found notes today that SSL and SASL have to be covered by tests.
:-)
Bernd
Re: [vysper] java.security.KeyStoreException running XMPPServer with
Apache Harmony
Posted by Niklas Gustavsson <ni...@protocol7.com>.
On Tue, Mar 16, 2010 at 10:00 AM, Bernd Fondermann
<be...@googlemail.com> wrote:
> Yes.
>
> org.apache.vysper.xmpp.server.ServerFeatures.setStartTLSRequired(false);
>
> - or -
>
> <bean id="serverFeatures" class="org.apache.vysper.xmpp.server.ServerFeatures">
> ...
> <property name="startTLSRequired" value="false"/>
> </bean>
>
> Hope that works, long not tried...
Sounds like this needs a test :-)
/niklas
Re: [vysper] java.security.KeyStoreException running XMPPServer with
Apache Harmony
Posted by Bernd Fondermann <be...@googlemail.com>.
On Tue, Mar 16, 2010 at 07:57, Jean-Sebastien Delfino
<js...@apache.org> wrote:
> Bernd Fondermann wrote:
>>
>> On Sat, Mar 13, 2010 at 18:51, Jean-Sebastien Delfino
>> <js...@apache.org> wrote:
>>>
>>> Bernd Fondermann wrote:
>>>>
>>>> On Thu, Mar 11, 2010 at 08:58, Niklas Gustavsson <ni...@protocol7.com>
>>>> wrote:
>>>
>>> ...
>>>
>>>>> Perhaps we should make this configurable on AbstractTLSContextFactory
>>>>> and allow for injecting a TLSContextFactory into XMPPServer? Anyways,
>>>>> could you open a JIRA issue for this problem and we'll have a look.
>>>
>>> Done: https://issues.apache.org/jira/browse/VYSPER-188
>>>
>>>>> It would be very interesting to later on hear more about your results
>>>>> of running Vysper on Harmony.
>>>
>>> ...
>>>
>>> I'm able to build the server and core modules, run XMPPServer,
>>
>> How do you do that? Our Harmony-based CI env exits because the apt
>> tool is not available in Harmony.
>
> Like Niklas is doing too now [1]. I'm building spec-compliance with another
> JDK, all other modules with Harmony, and spec-compliance is just picked up
> from my local Maven repos.
>
>>> then I'm
>>> hitting that KeyStore exception.
>>>
>>> Patching the code to use BKS gets me much further (see my additional
>>> comments in VYSPER-188).
>>
>> Great!
>>
>>> That's a good sign, but I don't know yet if there's
>>> other problems downstream hiding behind this one :)
>>
>> Do we need to get some Harmony people on board?
>>
>
> I've asked on dev@harmony for how to trace SSL [2], and added the trace to
> VYSPER-188.
>
> I'm not sure where to go from there, as the trace doesn't contain much, and
> I really need this working even without SSL/TLS.
>
> Is there a way to disable SSL/TLS altogether with Vysper so that it won't
> even try to use SSL?
Yes.
org.apache.vysper.xmpp.server.ServerFeatures.setStartTLSRequired(false);
- or -
<bean id="serverFeatures" class="org.apache.vysper.xmpp.server.ServerFeatures">
...
<property name="startTLSRequired" value="false"/>
</bean>
Hope that works, long not tried...
Bernd
Re: [vysper] java.security.KeyStoreException running XMPPServer with
Apache Harmony
Posted by Jean-Sebastien Delfino <js...@apache.org>.
Bernd Fondermann wrote:
> On Sat, Mar 13, 2010 at 18:51, Jean-Sebastien Delfino
> <js...@apache.org> wrote:
>> Bernd Fondermann wrote:
>>> On Thu, Mar 11, 2010 at 08:58, Niklas Gustavsson <ni...@protocol7.com>
>>> wrote:
>> ...
>>
>>>> Perhaps we should make this configurable on AbstractTLSContextFactory
>>>> and allow for injecting a TLSContextFactory into XMPPServer? Anyways,
>>>> could you open a JIRA issue for this problem and we'll have a look.
>> Done: https://issues.apache.org/jira/browse/VYSPER-188
>>
>>>> It would be very interesting to later on hear more about your results
>>>> of running Vysper on Harmony.
>> ...
>>
>> I'm able to build the server and core modules, run XMPPServer,
>
> How do you do that? Our Harmony-based CI env exits because the apt
> tool is not available in Harmony.
Like Niklas is doing too now [1]. I'm building spec-compliance with
another JDK, all other modules with Harmony, and spec-compliance is just
picked up from my local Maven repos.
>> then I'm
>> hitting that KeyStore exception.
>>
>> Patching the code to use BKS gets me much further (see my additional
>> comments in VYSPER-188).
>
> Great!
>
>> That's a good sign, but I don't know yet if there's
>> other problems downstream hiding behind this one :)
>
> Do we need to get some Harmony people on board?
>
I've asked on dev@harmony for how to trace SSL [2], and added the trace
to VYSPER-188.
I'm not sure where to go from there, as the trace doesn't contain much,
and I really need this working even without SSL/TLS.
Is there a way to disable SSL/TLS altogether with Vysper so that it
won't even try to use SSL?
Thanks
[1] http://www.mail-archive.com/dev@mina.apache.org/msg15861.html
[2] http://www.mail-archive.com/dev@harmony.apache.org/msg19506.html
--
Jean-Sebastien
Re: [vysper] java.security.KeyStoreException running XMPPServer with
Apache Harmony
Posted by Bernd Fondermann <be...@googlemail.com>.
On Sat, Mar 13, 2010 at 18:51, Jean-Sebastien Delfino
<js...@apache.org> wrote:
> Bernd Fondermann wrote:
>>
>> On Thu, Mar 11, 2010 at 08:58, Niklas Gustavsson <ni...@protocol7.com>
>> wrote:
>
> ...
>
>>> Perhaps we should make this configurable on AbstractTLSContextFactory
>>> and allow for injecting a TLSContextFactory into XMPPServer? Anyways,
>>> could you open a JIRA issue for this problem and we'll have a look.
>
> Done: https://issues.apache.org/jira/browse/VYSPER-188
>
>>> It would be very interesting to later on hear more about your results
>>> of running Vysper on Harmony.
>
> ...
>
> I'm able to build the server and core modules, run XMPPServer,
How do you do that? Our Harmony-based CI env exits because the apt
tool is not available in Harmony.
> then I'm
> hitting that KeyStore exception.
>
> Patching the code to use BKS gets me much further (see my additional
> comments in VYSPER-188).
Great!
> That's a good sign, but I don't know yet if there's
> other problems downstream hiding behind this one :)
Do we need to get some Harmony people on board?
Bernd
Re: [vysper] java.security.KeyStoreException running XMPPServer with
Apache Harmony
Posted by Jean-Sebastien Delfino <js...@apache.org>.
Bernd Fondermann wrote:
> On Thu, Mar 11, 2010 at 08:58, Niklas Gustavsson <ni...@protocol7.com> wrote:
...
>> Perhaps we should make this configurable on AbstractTLSContextFactory
>> and allow for injecting a TLSContextFactory into XMPPServer? Anyways,
>> could you open a JIRA issue for this problem and we'll have a look.
Done: https://issues.apache.org/jira/browse/VYSPER-188
>> It would be very interesting to later on hear more about your results
>> of running Vysper on Harmony.
...
I'm able to build the server and core modules, run XMPPServer, then I'm
hitting that KeyStore exception.
Patching the code to use BKS gets me much further (see my additional
comments in VYSPER-188). That's a good sign, but I don't know yet if
there's other problems downstream hiding behind this one :)
--
Jean-Sebastien
Re: [vysper] java.security.KeyStoreException running XMPPServer with
Apache Harmony
Posted by Bernd Fondermann <be...@googlemail.com>.
On Thu, Mar 11, 2010 at 08:58, Niklas Gustavsson <ni...@protocol7.com> wrote:
> On Thu, Mar 11, 2010 at 8:06 AM, Jean-Sebastien Delfino
> <js...@apache.org> wrote:
>> Looks like Vysper hardcodes the Keystore type to JKS [2], which is not
>> supported by Harmony [3][4]. Would there be a way to make this configurable
>> (with a set method on XMPPServer?) and support another Keystore type like
>> Bouncy Castle BKS?
Great idea, thanks for trying Vysper in Harmony!
I think we should fix this and become the first XMPP Java application
to survive...
/suddenly the sky darkens, you hear thunder and see light strokes at
the horizon/
the sudden uncomprehensible disappearance of the free Sun JDK!
> Perhaps we should make this configurable on AbstractTLSContextFactory
> and allow for injecting a TLSContextFactory into XMPPServer? Anyways,
> could you open a JIRA issue for this problem and we'll have a look.
>
> It would be very interesting to later on hear more about your results
> of running Vysper on Harmony. I have previously struggled with getting
> FtpServer running on Harmony due to bugs in the NIO implementation in
> Harmony:
> https://issues.apache.org/jira/browse/HARMONY-6097
> https://issues.apache.org/jira/browse/HARMONY-6105
>
> I haven't retried Harmony for a long time so things might have improved.
Is there a change to get a Vysper/Harmony build on Hudson?
Do Harmony people have reference apps they test?
Bernd